SB2026070127 - Multiple vulnerabilities in IBM Maximo AI Service
Published: July 1, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 5 vulnerabilities.
1) Out-of-bounds read (CVE-ID: CVE-2026-39892)
CWE-ID: CWE-125 - Out-of-bounds read
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to out-of-bounds read in Python buffer-accepting APIs when processing a non-contiguous buffer. A local user can pass a specially crafted non-contiguous buffer to cause a denial of service.
The issue can read past the end of the buffer on Python versions later than 3.11.
2) Input validation error (CVE-ID: CVE-2026-41293)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to trigger unexpected application behavior.
The vulnerability exists due to improper input validation in HTTP/2 request header handling when exposing header values through the Servlet API. A remote attacker can send crafted HTTP/2 request headers to trigger unexpected application behavior.
This may affect applications that assume header values exposed through the Servlet API are specification compliant.
3) Improper Authentication (CVE-ID: CVE-2026-43512)
CWE-ID: CWE-287 - Improper Authentication
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Green
The vulnerability allows a remote attacker to authenticate as an unknown user.
The vulnerability exists due to improper authentication in the DIGEST authenticator when processing authentication for users not known to the configured Realm. A remote attacker can submit the password "null" for an unknown user to authenticate as an unknown user.
This occurs only when DIGEST authentication is configured.
4) Improper Handling of Case Sensitivity (CVE-ID: CVE-2026-43513)
CWE-ID: CWE-178 - Improper Handling of Case Sensitivity
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to weaken brute-force protection against a user's password.
The vulnerability exists due to improper input handling in LockOutRealm when processing case-insensitive user names. A remote attacker can vary the case of a user name during authentication attempts to weaken brute-force protection against a user's password.
This affects Realms where user names are treated as case insensitive.
5) Improper access control (CVE-ID: CVE-2026-43515)
CWE-ID: CWE-284 - Improper Access Control
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Green
The vulnerability allows a remote attacker to bypass security constraints.
The vulnerability exists due to improper access control in HTTP method constraint processing when evaluating multiple security constraints for the same extension pattern. A remote attacker can send a request using an improperly constrained HTTP method to bypass security constraints.
Remediation
Install update from vendor's website.